In the last decade, ransomware has grown from a rare but annoying threat to a $20B a year industry disrupting the daily operations of business worldwide. In just the past twelve months, ransomware attacks have risen more than 700%.
While improved backups and adoption of Next-Generation Antivirus (NGAV) solutions have made it more difficult for ransomware actors to succeed, hoping to stop ransomware at execution is not a viable long-term strategy.
Prevention Starts Long Before Infection
While the high ransoms demanded by attackers grab headlines, the cost to remediate, recover, and restore business operations, even if an attack is unsuccessful, can dramatically exceed the cost of the ransom itself – so there is a strong economic incentive for teams to reduce the number infections.
Faced with a growing onslaught of attacks, security teams are increasingly looking to adopt more proactive and innovative ways to reduce their operational risk from ransomware. With shadow IT and web-based exploitation accounting for a growing share of ransomware attacks and 1/3 of all breaches, hardening and reducing an organization’s attack surface has become a must-do tactic.
To facilitate these efforts, more and more security teams are zeroing-in on attack surface management solutions as their next big investment.
Attack surface management assists security teams by automating the discovery, analysis, and prioritization of their attack surface to identify the exposed assets most likely to be targeted by a ransomware attacker.
With cloud migration and the work-from-home boom dramatically increasing the number of assets you have exposed and vulnerable to ransom, being able to prioritize targets from the attacker’s perspective continuously and dynamically has never been more urgent.
4 Steps to Reduce Your Ransomware Risk
Identify Your Top Targets
Where is an attacker most likely to strike? ASM tools, like Randori Recon, can help answer this question by leveraging the same techniques used by advanced threat actors to discover unknown assets and identify your most tempting ransomware targets – both people and software.
Reduce Your Attack Surface
Minimize your footprint. An attacker can’t attack what they can’t find. Regularly review your publicly exposed systems to determine which ones can be taken down. For systems that must remain exposed, focus on investing in controls to harden these systems first – they are the front line.
Optimize Your Controls
Keep ransomware attackers at bay by hardening external systems and investing in controls that limit the blast radius of an incident. Ransomware incidents will happen, but you can avoid the most catastrophic damage by investing in controls that limit the spread.
Test Your Defenses
Don’t wait to see what works. Proactively test your defenses through red teaming to validate improvements and identify additional opportunities for improvements. For organizations looking to establish a red team capability, Continuous Automated Red Teaming (CART) solutions such as Randori Attack, can provide organizations with a continuous and cost-effective way to proactively assess their resiliency to ransomware.